IBM Fundamentals of Applying Tivoli Security and Compliance Management Solutions V2.

Transcription

1 IBM Fundamentals of Applying Tivoli Security and Compliance Management Solutions V2

2 A. IBM will provide legal, accounting, or auditing advice. B. Customers are responsible for ensuring their own compliance with various laws C IBM warrants that its products or services will ensure that th customer Is in compliance with me law D. IBM only ensures mat customers will be in compliance with Graham-Leach-Bliley Act, Sarbanes- Oxley Act, and Health Insurance Portability and Accountability Act Answer: B QUESTION: 100 A customer needs to have a federated single sign-on with a requirement not to have any user identifiable information transmitted between parties. Which two protocols supported by IBM Tivoli Federated Identity Manager fulfill this requirement? (Choose two.) A. SAMLVI.O B. LibertyVl.2 C. LibertyVl.1 D. WS-Federation E. WS-Provisioning Answer: B, C QUESTION: 101 Which statement best describes IBM Tivoli Security Compliance Manager (Tivoli Security Compliance Manager)? A. Tivoli Security Compliance Manager analyzes system, middleware and network devices security controls, and parameters according to a configurable schedule B. Tivoli Security Compliance Manager analyzes system. Middleware and network devices security logs against a given security policy, and provides deviations. C. Tivoli Security Compliance Manager extracts system, Middleware and network devices security controls and parameters, compares them against a given security policy and provides deviations. D. Tivoli Security Compliance Manager extracts system. Middleware and network devices security controls, and parameters, compares them against a given security policy, and provides a qualitative risk evaluation report Answer: C 35

3 QUESTION: 102 A business partner 01 IBM, specializing in security products, is interested in setting up a specific system configured to simulate a few common network services. They want to intentionally leave it exposed to me external network access, In order to attract would-be attackers and study their attack patterns which term is used to denote such a system? A. Proxy B. Honeypot C. Web Server D. Bastion Host Answer: B QUESTION: 103 Which security token may carry user attribute information as part of the defined token format? A. Kerberos B. RACF Token C. SAML Assertion D. Username Token Answer: C QUESTION: 104 Which information should a customers baseline document include? A. description of IT organization and environment B. list of all user IDs and passwords in me enterprise C. comprehensive list of all audited elements in the network D. detailed description of the customers original network configuration Answer: A QUESTION: 105 Which to business goals are accomplished through the implementation of a successful automated security management process? (Choose two.) 36

4 A. reduce impact or threats B. increase data availability C. increase data duplication D. eliminate any risk of frauds E. reduce the cost of ownership Answer: A, E QUESTION: 106 In the meetings with a company s key players, Information is garnered on the company s operating system environments It is discovered mat the customer relies on native operating system security to secure access to these systems This Information will help in developing a baseline document describing the customers current security design What are three security gaps mat result from me use of native operating system security? (Choose three) A. user management B. centralized auditing C. group management D. network access control E. password management F. file system management Answer: A, B, C QUESTION: 107 Which IBM Tivoli product, part of the zsecure suite, provides integrated remediation for IBM Tivoli zsecure Audit? A. IBM Tivoli zsecure Alert B. IBM Tivoli zsecure Admin C. IBM Tivoli Enterprise Console D. IBM Tivoli zsecure Operations Manager Answer: B QUESTION: 108 Which IBM Tivoli security product provides single sign-on (SSO) support for both UNIX Telnet and host-based mainframe applications? 37

5 A. IBM Tivoli Identity Manager B. IBM Tivoli Federated Identity Manager C. IBM Tivoli Access Manager for e-business D. IBM Tivoli Access Manager for Enterprise SSO Answer: D QUESTION: 109 A customer says We are going through the latest big initiative right now. The focus is on me time to market with new, bigger, and better Web-based business applications We have no time for implementing stronger security and we do not see how you can help us with this What is me primary security requirement Indicated by me customers statement? A. Standards-based federated identity management toots are required B. User management and provisioning can help this customer achieve more efficient and effective processes. C. Strong risk management infrastructure will eliminate the need for security in these applications, allowing me focus to be on business logic. D. More consistent authentication and authorization service-oriented architecture is needed for the applications, saving application development time Answer: D QUESTION: 110 Which two standard-based interoperabilities does IBM Tivoli Security Policy Manager deliver? (Choose two.) A. SOX. HIPAA,, ISO 27001, and GLBA B. XML structure Websphere Plug-in C. XACML standard for entitlements management D. WS-Policy, WS-Security Policy for SOA security E. SAML 10, WS-Federation, Liberty 1.1. and WS-Provisioning Answer: C, D 38

6 For More exams visit Kill your exam at First Attempt...Guaranteed!